E is for Endpoint II: How to Implement the Vital Layers on Your Endpoints

IT security professionals rank third-party application vulnerabilities as the greatest security risk of 2012. And yet malware continues to exploit these – and other – vulnerabilities to breach our defenses. Clearly there’s a disconnect between knowing the problem and solving it. Yet it does not have to be this way, if we intelligently apply adequate protections against the exploitation of these vulnerabilities.

As Windows support requirements continue to dominate the focus of enterprise endpoint management efforts, an increasing number of Apple device users are becoming frustrated with being treated as second-class citizens. At the heart of the problem are Windows-centric practices and solutions that do not comprehensively translate to supporting Mac and iOS platforms.

However, adoption of Apple management point solutions that operate independent of existing Windows administration platforms only add to management complexity and fail to achieve service reliability and cost-effectiveness.

In this session, 6x Microsoft MVP and Sr. Solutions Specialist, Duncan McAlynn, will have a discussion with Logun Baker, Senior Systems Administrator for The Huntington National Bank, regarding the challenges of 3rd party application patching within their enterprise and how they have solved those problems

During the webinar, McAlynn will also be demonstrating how PatchLink natively plugs into the SCCM Admin Console, providing seamless integration into existing patch management workflows without any additional client deployment, infrastructure requirements or added consoles.

Key Takeaways:

-Hear a real-world case study from a customer that addresses 3rd party patching to protect and defend themselves against malware/randsomware within their enterprise

-Learn about free add-on tools available from Microsoft and the System Center community to help extend and enhance the core capabilities of SCCM for security compliance monitoring and management

System Center Configuration Manager is the solution of choice for managing today's enterprise environments. But what’s an administrator to do when a security audit includes vulnerabilities in non-Microsoft applications and server platforms?

Introducing the only enterprise-class 3rd party patching solutions designed exclusively for System Center environments that require operationally efficient and reliable security and compliance patching solutions.

Join us for a discussion of practical methods to improve and automate the patch process for your most targeted 3rd party desktop applications and non-Windows server platforms, reduce the time you spend building updates, and improve audit readiness in your Windows environment.

Security is Complex, Patching with Microsoft® System Center Shouldn't Be

System Center Configuration Manager is the solution of choice for managing today's enterprise environments. But what’s an administrator to do when a security audit includes vulnerabilities in non-Microsoft applications?

Introducing the only enterprise-class 3rd party patching solution designed exclusively for System Center environments that require operationally efficient and reliable security and compliance patching solutions.

Join us for an in-depth demonstration of practical methods to improve the patch process for your most targeted 3rd party desktop applications, reduce the time you spend building updates, and improve audit readiness in your Windows environment—through our newly released Lumension® Patch Manager DeskTop plug-in.

Key capabilities include:
Integrated plug-in with automated content subscription and synchronized scheduling—all within the familiar SCCM console but without need for manual SCUP input
Ensures systems are correctly patched the first time though Patent-pending Patch-Smart™ technology
Enterprise-class content which delivers in-depth vulnerability information and supports both enterprise and consumer versions of the most widely adopted, highly targeted applications

After so many massive data breaches in 2014, it’s small wonder that data protection is such a hot topic today. The fourth annual Data Protection Maturity Trends report delves into the issues and concerns facing IT security teams, how effective their data protection efforts have been to date, and their plans for 2015 and beyond.

Larry Ponemon, President of Ponemon Institute and Chris Merritt, Director of Solution Marketing of Lumension

User-centric risk tops this year’s concerns: what is IT doing about it?
Endpoint risk is rising and 78% of respondents to the new 2015 State of Endpoint Security study say negligent, careless employees not following policy are IT’s biggest threat.

The 6th Annual survey, conducted by Ponemon Institute, asked IT practitioners involved in securing endpoints about risks and challenges in 2015. This year’s report reveals why risk has become more challenging over the last 24 months and what IT plans to do about it in 2015.

Join us Wednesday January 21st at 8am PST / 11am EST, as Larry Ponemon and Chris Merritt reveal analysis from the Annual State of Endpoint Risk, sponsored by Lumension, including:
• The evolving IT threat landscape and today’s top-5 risks
• The disconnect between perceived and actual risk, and the corresponding strategies to combat these threats including detect and respond, big data and threat intelligence
• Insights into new Infosec budgets and their 2015 allocations

Register Today, and learn how your peers are planning on addressing the endpoint security risks and challenges of 2015.

Over the past few years Endpoint Security Management offerings — including patching, configuration, device control, and mobility — have been bundled into suites to simplify management. Protecting endpoint devices continues to get harder, so Securosis has authored new research that now includes anti-malware, BYOD and more.

Join Mike Rothman, President, Securosis as he shares clear, up-to-date buying criteria for those looking at procuring endpoint solutions in the near future. Included will be a look at the ongoing challenge of securing endpoints, recommended how-to’s on protecting endpoints, reducing attack surface and managing mobile security as well as important buying considerations and a procurement process.

The days in which an organization owned and issued all devices accessing its network are long gone. Employees are now using their personal mobile devices to store and access corporate data, but many organizations do not have policies or security in place to mitigate BYOD risk.

We learned in the 2014 State of the Endpoint Survey by Ponemon that 75% of IT professionals saw mobile device protection as the number one challenge for 2014, and 46% admitted they have no security policies in place for mobile devices.

Since mobile device security is an increasing priority, Lumension sponsored the second BYOD & Mobile Security Survey with the global LinkedIn Information Security group to hear the community’s views and sentiment on this issue. After surveying over 1,000 respondents, the preliminary results are in, and we want to give a sneak peek to share the findings with you!

Point of Sale (POS) systems have long been the target of financially-motivated crime. And in 2013 the magnitude of cybercrime against POS systems skyrocketed, with 97% of breaches in the retail sector and 47% in the healthcare sector aimed against POS systems. With sensitive financial and personal records getting exposed by the millions, the FBI recently warned that POS systems are under sustained and continued attack.

During this webcast, we will take you into the three critical entry points to POS system attacks. We’ll discuss how the attacks look, the timelines for these breaches, and what proactive security measures you can take to help your organization minimize the risk to your POS systems.

In 2012 we found that the BYOD environment and the consumerization of the workplace had turned traditional notions of corporate IT upside down. In this webcast, we’ll look at the results from the 3rd annual survey and look at how mobility has changed the way IT teams are managing their devices, how effective their efforts are, and their biggest concerns.

During this webcast we will look at each of data protection trends, helping you define best practices for your organization to address the top concerns. We’ll also show you how you can gauge the maturity of your security systems, allowing you to plug any holes before your valuable data starts to leak through them.

Larry Ponemon, President of Ponemon Institute and Ed Brice, SVP of Lumension

Organizations around the world are losing intellectual property and customer data to cyber criminals at mind-boggling rates. How is this happening?

For 5 consecutive years, the annual State of the Endpoint Report, conducted by Ponemon Institute, has surveyed IT practitioners involved in securing endpoints. This year’s report reveals endpoint security risk is more difficult to minimize than ever before. What are IT pros most concerned about heading into 2014? From the proliferation of mobile devices, third party applications, and targeted attacks/APTs, endpoint security risk for 2014 is becoming more of a challenge to manage.

Join Larry Ponemon of the Ponemon Institute and Ed Brice of Lumension for a webcast that will reveal statistics on growing insecurity, IT’s perceived areas of greatest risk for 2014 as well as tactical suggestions for how to improve your endpoint security. Specifically, you will learn:

•IT perspective on the changing threat landscape and today’s Top 5 risks;
•Disconnect between perceived risk and corresponding strategies to combat those threats;
•Tips and tricks on how to best communicate today’s threats and subsequent needed responses up the management chain

In April 2014, Microsoft ends support for Windows XP. In a perfect world, your organization will have developed a plan by the end of 2013 and will have migrated all XP systems before Microsoft stops providing security patches. Unfortunately, there are many obstacles to making this strategy a reality – time, resources, budget, etc.

If your organization still uses WinXP – or other applications such as Office 2003 or Internet Explorer 6 for which support also ends – you need a plan B. Join this webinar to:

•Learn what end of life means to your organization from a security perspective
•What options are available to secure your organization from vulnerabilities
•How other organizations are planning to remain secure and compliant until they are fully migrated

Understand how you can protect your WinXP systems beyond end-of-support. With application whitelisting and advanced memory protection, you can effectively prevent security risks that are inevitable once your organization is no longer receiving Microsoft patches.

If you’re like most IT professionals, you’ve probably heard analyst firms like Gartner and Forrester recommend using application whitelisting to defend your endpoints. The latest generation of application whitelisting provides flexible protection against modern, sophisticated malware and targeted attacks. However, application whitelisting is not something you turn on overnight.

Attend this in-depth technical webcast as we dive into the latest technologies, including reflective memory protection, and other whitelisting approaches, to learn best practices to begin preparing for your 2014 endpoint security strategy and the inevitable transition from traditional signature-based protection to a holistic solution that incorporates whitelisting.

• Gain knowledge of continuous improvements made in best practices for application whitelisting

*Receive 1 CPE credit for attending this webcast. To earn this credit, viewers must be active participants for the duration of the webcast. Please enter your appropriate membership ID upon registration to ensure relevant credits are allocated to your accounts when we submit them.

Last year we offered our thoughts on buying Endpoint Security Management solutions — including patching, configuration, device control, and file integrity monitoring — which are increasingly bundled in suites to simplify management. For 2014, malware and mobility have become the most critical issues facing organizations at they look to protect their endpoint devices. Thus we've updated our research to make sure you have the latest and greatest information on which to base your buying decisions.

Join Mike Rothman, Analyst & President from Securosis, as he dives into an interactive discussion around endpoint security in 2014, and provides clear buying criteria for those of you looking at these solutions in the near future.

What you will learn:

•Protecting Endpoints: How the attack surface had changed, and the impact to your defense strategy

•Anti-Malware: The best ways to deal with today's malware and effectively protect your endpoints from attack

*Receive 1 CPE credit for attending this webcast. To earn this credit, viewers must be active participants for the duration of the webcast. Please enter your appropriate membership ID upon registration to ensure relevant credits are allocated to your accounts when we submit them.

Bring Your Own Device (BYOD) is a popular topic in 2013. The trouble is that IT is trying to understand the security risks and prepare strategies to either adopt employee-owned mobile devices or decide against it for security and data control reasons.

The 160,000 member Information Security Community on LinkedIn conducted the survey “BYOD & Mobile Security 2013” to shed some light on the drivers for BYOD, how companies will benefit from BYOD, and how they respond to the security risks associated with this trend. With 1,600 responses, some interesting insights and patterns into BYOD were uncovered.

Do you want to know how ‘best-of-breed’ enterprises prioritize their IT risk? Join Richard Mason, Vice President & Chief Security Officer at Honeywell, whose team is responsible for global security, during a roundtable discussion with Pat Clawson, Chairman & CEO of Lumension and Roger Grimes, Security Columnist & Author. Uncover strategies beyond traditional antivirus signatures and learn a more holistic approach to effective risk management. Find out ‘how’ and ‘why’ you can make security a prioritized function within your organization.

Many organizations are jumping on the “Death to Java” bandwagon, ranting about turning off Java to eliminate risk. However, it is important to put the issue in the proper context. The reality is that a Java vulnerability is not the end game for a cyber criminal, it is merely a delivery mechanism in the quest to install and execute bigger malware.

There is no “one size fits all” recommendation for eliminating Java risks. But, you do want to eliminate as much exploitable surface area as reasonably possible on your critical endpoints. This should be the philosophy engrained in every organization’s security culture. If you’re not having this conversation about Java - and quite frankly all of the third-party applications in your environment - you are missing the mark and not calculating your risk. Join Paul Henry and Russ Ernst as they bring us up to speed on the Java vulnerabilities and how to limit your exposure without going overboard.

Businesses large and small continue to struggle with malware. As a result, 50% of endpoint operating costs are directly attributable to malware alone[1]. Traditional approaches to malware protection, like standalone antivirus, are proving themselves unfit for the task. Something has to give.

In this roundtable discussion, independent information security expert Kevin Beaver and Lumension Security’s Chris Merritt will talk about what can be done differently, including:

• How to get a better grasp of the weaknesses in endpoint security that continue to get overlooked,
• Examining whether or not anti-virus as we’ve known it is effective, and
• A comparison between a proactive versus reactive approach to fighting the malware fight.

In 2012 we found out that the BYOD environment and consumerization of the workplace had turned traditional notions of corporate IT upside down. The 2013 Data Protection Maturity Report will highlight how organizations have managed this trend over the last year and what steps are being taken in 2013 to further enhance data security. Find out how IT teams are developing a holistic model that encompasses policy, education, technology and enforcement.

During this webcast we look at each of data protection trends, helping you define your organization’s best practice guide to address the top concerns. We will also be showing you how you can gauge the maturity of your security systems, allowing you to plug any holes before your valuable data starts to leak through them.

Larry Ponemon, President of Ponemon Institute and Paul Zimski, VP of Lumension

What are IT pros most concerned about heading into 2013? The annual State of the Endpoint Report sponsored by Lumension and conducted by Ponemon Institute reveals APTs and mobile devices pose the biggest security threat to organizations in the coming year. Unfortunately, respondents also demonstrated a disconnect between their identified risk and planned security spend as well as a significant need for improved internal collaboration.

Join Larry Ponemon of the Ponemon Institute and Paul Zimski of Lumension for a webcast that will reveal statistics on growing insecurity, IT’s perceived areas of greatest risk for 2013 as well as tactical suggestions for how to improve your endpoint security. Specifically, you will learn:

•IT perspective on today’s Top 3 risks;
•Disconnect between perceived risk and corresponding strategies to combat those threats;
•Tips and tricks on how to best communicate today’s threats and subsequent needed responses up the management chain

This channel provides live and on-demand webcasts on a range of Endpoint Management and Security topics, including: identifying the latest trends and best practices for minimizing insider risks, reducing your threat exposure, managing Web 2.0 threats, reducing your cost of compliance and taking control of your endpoints, from both an operational and security perspective.